DefaultFileDownloadService.java
- /*
- * Copyright (c) 2002-2022, City of Paris
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice
- * and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice
- * and the following disclaimer in the documentation and/or other materials
- * provided with the distribution.
- *
- * 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- * License 1.0
- */
- package fr.paris.lutece.portal.service.file.implementation;
- import fr.paris.lutece.portal.service.file.ExpiredLinkException;
- import fr.paris.lutece.portal.service.file.FileService;
- import static fr.paris.lutece.portal.service.file.FileService.PARAMETER_VALIDITY_TIME;
- import fr.paris.lutece.portal.service.file.IFileDownloadUrlService;
- import fr.paris.lutece.portal.service.security.RsaService;
- import fr.paris.lutece.portal.service.util.AppLogService;
- import fr.paris.lutece.portal.service.util.AppPathService;
- import fr.paris.lutece.util.url.UrlItem;
- import java.security.GeneralSecurityException;
- import java.sql.Timestamp;
- import java.time.LocalDateTime;
- import java.util.HashMap;
- import java.util.Map;
- import javax.servlet.http.HttpServletRequest;
- import org.apache.commons.lang3.StringUtils;
- /**
- *
- * DatabaseBlobStoreService.
- *
- */
- public class DefaultFileDownloadService implements IFileDownloadUrlService
- {
- private static final long serialVersionUID = 1L;
- // constants
- protected static final String URL_FO = "jsp/site/file/download";
- protected static final String URL_BO = "jsp/admin/file/download";
- private static final String SERVICE_NAME = "DefaultFileDownloadService";
- private static final String DEFAULT_SEPARATOR = "/";
- private String _separator = DEFAULT_SEPARATOR;
- // Keys
- public static final String KEY_LINK_VALIDITY_TIME = "link_validity_time";
- public String getSeparator( )
- {
- return _separator;
- }
- public void setSeparator( String separator )
- {
- _separator = separator;
- }
- /**
- * Build the additionnel data map to provide encryption data
- *
- * @param strFileId
- * @param strResourceId
- * @param strResourceType
- * @return the map
- */
- public static Map<String, String> buildAdditionnalDatas( String strFileId, String strResourceId, String strResourceType )
- {
- Map<String, String> map = new HashMap<>( );
- map.put( FileService.PARAMETER_FILE_ID, strFileId );
- map.put( FileService.PARAMETER_RESOURCE_ID, strResourceId );
- map.put( FileService.PARAMETER_RESOURCE_TYPE, strResourceType );
- return map;
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getFileDownloadUrlFO( String strFileKey, String strFileStorageServiceProviderName )
- {
- return getFileDownloadUrlFO( strFileKey, null, strFileStorageServiceProviderName );
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getFileDownloadUrlFO( String strFileKey, Map<String, String> additionnalData, String strFileStorageServiceProviderName )
- {
- StringBuilder sbUrl = new StringBuilder( );
- sbUrl.append( AppPathService.getBaseUrl( null ) );
- sbUrl.append( URL_FO );
- if ( additionnalData == null )
- {
- additionnalData = new HashMap<>( );
- }
- additionnalData.put( FileService.PARAMETER_FILE_ID, strFileKey );
- return getEncryptedUrl( sbUrl.toString( ), getDataToEncrypt( additionnalData ), strFileStorageServiceProviderName );
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getFileDownloadUrlBO( String strFileKey, String strFileStorageServiceProviderName )
- {
- return getFileDownloadUrlBO( strFileKey, null, strFileStorageServiceProviderName );
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getFileDownloadUrlBO( String strFileKey, Map<String, String> additionnalData, String strFileStorageServiceProviderName )
- {
- StringBuilder sbUrl = new StringBuilder( );
- sbUrl.append( AppPathService.getBaseUrl( null ) );
- sbUrl.append( URL_BO );
- if ( additionnalData == null )
- {
- additionnalData = new HashMap<>( );
- }
- additionnalData.put( FileService.PARAMETER_FILE_ID, strFileKey );
- return getEncryptedUrl( sbUrl.toString( ), getDataToEncrypt( additionnalData ), strFileStorageServiceProviderName );
- }
- /**
- * get encrypted url
- *
- * @param strUrl
- * @param additionnalData
- *
- * @return the url, null otherwise
- */
- protected String getEncryptedUrl( String strUrl, String dataToEncrypt, String strFileStorageServiceProviderName )
- {
- UrlItem item = new UrlItem( strUrl );
- try
- {
- String idEncrytped = RsaService.encryptRsa( dataToEncrypt );
- item.addParameter( FileService.PARAMETER_PROVIDER, strFileStorageServiceProviderName );
- item.addParameter( FileService.PARAMETER_DATA, idEncrytped );
- return item.getUrlWithEntity( );
- }
- catch( GeneralSecurityException e )
- {
- AppLogService.error( e.getMessage( ), e );
- return null;
- }
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public String getName( )
- {
- return SERVICE_NAME;
- }
- /**
- * get data to encrypt
- *
- * @param fileDownloadData
- * @return the map of datas to encrypt in the url
- */
- private String getDataToEncrypt( Map<String, String> additionnalData )
- {
- StringBuilder sb = new StringBuilder( );
- sb.append( StringUtils.defaultIfEmpty( additionnalData.get( FileService.PARAMETER_FILE_ID ), "" ) ).append( _separator );
- sb.append( StringUtils.defaultIfEmpty( additionnalData.get( FileService.PARAMETER_RESOURCE_ID ), "" ) ).append( _separator );
- sb.append( StringUtils.defaultIfEmpty( additionnalData.get( FileService.PARAMETER_RESOURCE_TYPE ), "" ) ).append( _separator );
- sb.append( calculateEndValidity( ) );
- return sb.toString( );
- }
- /**
- * get end validity time
- *
- * @return the end time of url validity
- */
- protected long calculateEndValidity( )
- {
- LocalDateTime endValidity = LocalDateTime.MAX;
- if ( getValidityTime( ) > 0 )
- {
- endValidity = LocalDateTime.now( ).plusMinutes( LINK_VALIDITY_TIME );
- }
- return Timestamp.valueOf( endValidity ).getTime( );
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public Map<String, String> getRequestDataBO( HttpServletRequest request )
- {
- String strEncryptedData = request.getParameter( FileService.PARAMETER_DATA );
- try
- {
- String strDecryptedData = RsaService.decryptRsa( strEncryptedData );
- return getDecryptedData( strDecryptedData );
- }
- catch( GeneralSecurityException e )
- {
- AppLogService.error( e.getMessage( ), e );
- return null;
- }
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public Map<String, String> getRequestDataFO( HttpServletRequest request )
- {
- String strEncryptedData = request.getParameter( FileService.PARAMETER_DATA );
- try
- {
- String strDecryptedData = RsaService.decryptRsa( strEncryptedData );
- return getDecryptedData( strDecryptedData );
- }
- catch( GeneralSecurityException e )
- {
- AppLogService.error( e.getMessage( ), e );
- return null;
- }
- }
- /**
- * get map of datas from encrypted url data parameter
- *
- * @param data
- * @return the map of
- */
- protected Map<String, String> getDecryptedData( String strData )
- {
- String [ ] data = strData.split( _separator );
- Map<String, String> fileData = buildAdditionnalDatas( data [0], data [1], data [2] );
- fileData.put( PARAMETER_VALIDITY_TIME, data [3] );
- return fileData;
- }
- /**
- * {@inheritDoc}
- */
- @Override
- public void checkLinkValidity( Map<String, String> fileData ) throws ExpiredLinkException
- {
- LocalDateTime validityTime = new Timestamp( Long.parseLong( fileData.get( FileService.PARAMETER_VALIDITY_TIME ) ) ).toLocalDateTime( );
- if ( LocalDateTime.now( ).isAfter( validityTime ) )
- {
- throw new ExpiredLinkException( "Link expired on : " + validityTime.toString( ) );
- }
- }
- }